lunes, 1 de noviembre de 2010
Enforcing Compliance with the New SAP Security Guidelines
SAP security is no longer what it used to be. Over the last decade, the auditing industry has focused on the correct application of Segregation of Duties controls to prevent business fraud. Meanwhile, the leading IT security vendors have offered solutions to protect the underlying operating systems and databases from common security attacks. In 2010, neither of these courses of actions are suffcient.
In September 2010, SAP released “Secure Confguration of SAP NetWeaver ABAP – SAP Security Recommendations”1. It is an important, frst-of-its-kind whitepaper that addresses a growing threat affecting the business-critical information and processes of its customers. This document has a clearly defned goal: to provide “a set of security measures for ABAP systems against unauthorized access within the corporate network”.
SAP’s new guidelines will rapidly become a de-facto standard, prompting organizations to take the necessary steps to avoid leaving their business-critical information at risk from espionage, sabotage and fraud attacks.